XML 47 R30.htm IDEA: XBRL DOCUMENT v3.25.4
Cybersecurity Risk Management and Strategy Disclosure
 12 Months Ended
Dec. 31, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
At Taboola, cybersecurity risk management is an integral part of our overall enterprise risk management program. We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information.
Our cybersecurity risk management program is based on ISO 27001 standards, which provide a framework and guidelines for implementing and managing an information security system, handling cybersecurity threats and incidents, including threats and incidents relevant to our business, and facilitates coordination across different departments of our Company. Since 2019, Taboola has held an ISO 27001 certification which is audited annually. This framework includes steps for assessing the severity of a cybersecurity threat, identifying the source of a cybersecurity threat including whether the cybersecurity threat is associated with a third-party service provider, implementing cybersecurity countermeasures and mitigation strategies and informing management and our board of directors, as appropriate, of material risks from cybersecurity threats and incidents. As part of this framework, we’ve incorporated third-party service provider cyber qualification processes and supply chain risk management. Our cybersecurity team regularly engages external cybersecurity consultants for risk assessment, security testing and system enhancements. In addition, we provide employees annual cybersecurity training and also provide cybersecurity training for new hires.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
At Taboola, cybersecurity risk management is an integral part of our overall enterprise risk management program. We have developed and implemented a cybersecurity risk management program intended to protect the confidentiality, integrity, and availability of our critical systems and information.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
Our board of directors has overall oversight responsibility for our risk management and is charged with oversight of our cybersecurity risk management program. The board of directors is responsible for ensuring that management has processes in place designed to identify and evaluate cybersecurity risks to which the Company is exposed and implement processes and programs to manage cybersecurity risks and mitigate cybersecurity incidents.
Management is responsible for identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes to ensure that such potential cybersecurity risk exposures are monitored, putting in place appropriate mitigation measures and maintaining cybersecurity programs. Our cybersecurity programs are under the direction of our Senior Vice President, Research and Development, or SVP R&D, who together with our cybersecurity team, monitors the prevention, detection, mitigation, and remediation of cybersecurity incidents. Members of the cyber security team hold multiple industry recognized cyber security certifications and together have decades of experience, including industry, military and government cyber experience. The SVP R&D updates the board of directors on the Company’s cybersecurity programs, material cybersecurity risks and mitigation strategies and provides cyber security reports at least annually that cover, among other topics, third-party assessments of the Company’s cybersecurity programs, developments in cybersecurity and updates to the Company’s cybersecurity programs and mitigation strategies.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Our board of directors has overall oversight responsibility for our risk management and is charged with oversight of our cybersecurity risk management program.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The board of directors is responsible for ensuring that management has processes in place designed to identify and evaluate cybersecurity risks to which the Company is exposed and implement processes and programs to manage cybersecurity risks and mitigate cybersecurity incidents.
Cybersecurity Risk Role of Management [Text Block]
Management is responsible for identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes to ensure that such potential cybersecurity risk exposures are monitored, putting in place appropriate mitigation measures and maintaining cybersecurity programs. Our cybersecurity programs are under the direction of our Senior Vice President, Research and Development, or SVP R&D, who together with our cybersecurity team, monitors the prevention, detection, mitigation, and remediation of cybersecurity incidents. Members of the cyber security team hold multiple industry recognized cyber security certifications and together have decades of experience, including industry, military and government cyber experience. The SVP R&D updates the board of directors on the Company’s cybersecurity programs, material cybersecurity risks and mitigation strategies and provides cyber security reports at least annually that cover, among other topics, third-party assessments of the Company’s cybersecurity programs, developments in cybersecurity and updates to the Company’s cybersecurity programs and mitigation strategies.
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Management is responsible for identifying, considering and assessing material cybersecurity risks on an ongoing basis, establishing processes to ensure that such potential cybersecurity risk exposures are monitored, putting in place appropriate mitigation measures and maintaining cybersecurity programs. Our cybersecurity programs are under the direction of our Senior Vice President, Research and Development, or SVP R&D, who together with our cybersecurity team, monitors the prevention, detection, mitigation, and remediation of cybersecurity incidents.
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Members of the cyber security team hold multiple industry recognized cyber security certifications and together have decades of experience, including industry, military and government cyber experience.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] Members of the cyber security team hold multiple industry recognized cyber security certifications and together have decades of experience, including industry, military and government cyber experience. The SVP R&D updates the board of directors on the Company’s cybersecurity programs, material cybersecurity risks and mitigation strategies and provides cyber security reports at least annually that cover, among other topics, third-party assessments of the Company’s cybersecurity programs, developments in cybersecurity and updates to the Company’s cybersecurity programs and mitigation strategies.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true